pre-conference | sunday, oct 28, 2018 · jaiber taborda corrales, dirección ciberseguridad y...
TRANSCRIPT
1 | P a g e
PRE-CONFERENCE | Sunday, Oct 28, 2018
8:30AM – 5:30PM Exhibit Area Set Up
Mezzanine Level
12:30PM – 5:30PM Registration Mezzanine Level
9:00AM – 6:00PM Celaes Private Technical Committee Escorial&Alhambra
DAY ONE | Monday, Oct 29, 2018
7:00AM - 5:30PM Registration Mezzanine Level
7:00AM – 8:30AM Continental Breakfast in Exhibit Area
Mezzanine Level
8:00AM – 8:15AM
Welcome & Opening Remarks
David Schwartz, President & CEO, FIBA
Giorgio Trettenero, Secretario General, FELABAN
Santiago Rodriguez, Director Seguridad Gestión del Efectivo y Valorados, Vicepresidencia de
Servicios, Banco Pichincha y Presidente, Comité Celaes FELABAN
Grand Ballroom
8:15 AM – 9:15 AM
General Session 1 Cyberthreat Intelligence Sharing
Key takeaways:
Identify that cyber security is a global risk and a global concern - Information sharing can decrease impact if willing to work intra-sector and inter-sector/within the country and internationally
Information sharing to help identify root cause and techniques used in a cyber incident
Information sharing supports government relations/compliance/global operations - set global best practices and gain lessons learned
Grand Ballroom
2 | P a g e
Avenues for partnership - Highlight working group opportunities, FSSCC International Committee, FS-ISAC efforts, etc.
Moderator:
David Schwartz, President & CEO, FIBA
Speakers:
Tiffany Harbour, VP, Cyber Public Policy, Bank of America
Devon Bryan, EVP & CISO, Federal Reserve Bank
Magdiel Rodriguez, Regional Director, Latin America and Caribbean, FS-ISAC
9:15 AM – 10:15 AM
General Session 2
Current Trends in Cybercrime: A Law Enforcement Perspective
Key Takeaways
What are the Current Trends in Transnational Cybercrime (including arrests). What/where is the Dark Web and how does it work. What is "malware" and where does it come from. How are Financial Institutions and their customers being targeted. Why is real proactive Cyber Intelligence and working with law enforcement
important. How to prevent Business Email Compromises (BEC). What is Ransomware and some preventative measures you can take at
home/work.
Moderator:
Robert Villanueva, Executive Vice President, Q6 Cyber & Retired Secret Service
Cyber Intelligence Section Founder
Speakers:
Charles “Brad” Leopard, Supervisor, Miami Electronic Crimes Task Force Forensic, U.S. Secret Service
Jason Manar, Network Intrusion Section, FBI - Miami John F. Tobon, Deputy Special Agent in Charge, Homeland Security
Investigations - Miami Rick Arias, Detective Miami Beach PD, Miami Electronic Crimes Task Force, U.S.
Secret Service – Computer Forensics
Grand Ballroom
10:15AM –10:45AM Coffee Break Exhibit Area –
Mezzanine Level
3 | P a g e
10:45AM-11:30AM
Breakout Session 1A
Threats from digital banking, a holistic vision in the prevention of bank fraud
Identifying and prioritizing the main threats of digital banking Risks in digital transformation 360 degree shielding v. Partial shielding Integrated and intelligent multilayer shielding for better prevention Customer's holistic vision, the best strategy. Real Time vrs Near Real Time We cannot forget the internal fraud Best practices in multi-layer armoring
Speakers:
Jorge Domingo Samayoa, CEO y Fundador, Plus Technologies
Martha Leuro Villamarin, CISO, Banco BBVA Colombia
Driss Temsamani, Head of Digital Channels and Enterprise Banking, Citi Latin
America
Grand Ballroom
10:45AM-11:30AM
Breakout Session 1B - Spanish
Show me the Money! Cloud is ready for Banking. – Are Latin America Banks ready for
Cloud?
The Cloud is proven infrastructure for speeding up innovation and transformation in nearly every
industry. In fact, the cloud has been an enabler of many other disruptive technologies including big
data, IoT, AI, etc. As a result, while the financial services industry is still in the early stages of moving
to the cloud, we keep seeing more Banks and financial companies with a cloud strategy, usually a
mix of on-premises (on-prem), private, and public cloud infrastructure. The common concerns of
banks like interoperability, 24x7 uptime, secure storage, isolate systems, low latency, compliance
governance, etc., are all addressed by cloud in nowadays. However, there remains obstacles to the
adoption of this technology as regulators and banks struggle to ensure how to secure data, who is
responsible, how to mitigate new cyber-threats, and others. This session will look at the challenges,
opportunities and trends facing banks as the industry transitions securely to the cloud.
Speakers:
Jaiber Taborda Corrales, Dirección Ciberseguridad y Seguridad de la Información, Bancolombia
Juan Barahona, Regional Director – Sales Engineering, C&W Business
Chopin
10:45AM-11:30AM
Breakout Session 1C - Spanish
Control and Risk Management in front of the new scenario of Digital
Banking
Recent trends and technologies generating new risks and opportunities.
Biscayne
4 | P a g e
Insight into the new challenges faced by the financial industry as it evolves into a Digital Customer Experience.
Strategies to prevent, detect, respond to and recover from cyber-risks Efforts in inter-organizational and international cooperation and regulation. New necessary digital skill-set for control and risk management and the
importance of organizational cultural awareness.
Moderator:
José Marangunich, Presidente, Comité Consultivo Felaban Celaes y Gerente de Area, Banco de Crédito del Perú
Speakers:
José Esposito, Gerente Corporativo de Auditoria, Banco de Crédito del Perú Jeferson Ricardo Garcia Honorato, Director, Banco Digital Next, Propiedad
Banco Bradesco
11:30AM-12:30PM
General Session 3
KEYNOTE SPEAKER – Chris Roberts
“Inside the Mind of a Hacker”
Mr. Roberts is considered one of the world’s foremost experts on counter threat
intelligence and vulnerability research within the Information Security industry.
As one of the most well-known white hat hackers and researchers, Chris is routinely invited to speak at industry conferences. He’s been covered in the media by CNN, The Washington Post, WIRED, Business Insider, USA Today, Forbes, Newsweek, BBC News, and countless others. Moderator:
David Schwartz, President & CEO, FIBA
Speaker:
Chris Roberts
White Hat Hacker & Researcher, Chief of Adversarial Research and Engineering,
Lares
Grand Ballroom
12:30PM-1:30PM
General Session 4
DNS Abuse and Criminal Activity
Refresher on Internet identifiers What is the Domain Name System?
o Domain name resolution process o Domain name creation process
Grand Ballroom
5 | P a g e
o Why does this matter from a security standpoint? How do criminals abuse the DNS? What types of information are available in the DNS? Demonstrations
Speaker:
Carlos Alvarez, Director of Security, Stability and Resiliency Engagement SSR Team | Office of the CTO | ICANN – Internet Corporation for Assigned Names and Numbers `
1:30PM -2:30PM Lunch
Chopin - Biscayne
2:30PM-3:30PM
General Session 5
Cloud - Amazon
Grand Ballroom
3:30PM-4:15PM
Breakout Session 2A
Hacking Techniques – Live Demo with a Hacker
Moderator:
Alejandro Mijares, Risk Advisory Services Leader - Banking & Information Security, Kauffman Rossin
Speaker: Henry Flefel, Risk Advisory Services, Kauffman Rossin
Aft After attending this session, the audience will be able to understand some of the sources and techniques used by cyber-criminals, and how ethical hackers use this knowledge to help businesses such:
Gathering intelligence from public sources both in the surface of the Internet and beneath it
Ingenious phishing techniques and network trickery Man in the middle attach The objective of the session is to show examples of these attacks vectors as perpetrated by malicious actors, known as black-hats, and how a financial institution can benefit from these resources when professionally performed by white-hats.
o
Grand Ballroom
3:30PM-4:15PM
Breakout Session 2B
Building an Insider Threat Protection Program
Learn how your security team can address key questions around the development and implementation of a comprehensive insider threat program. This session will cover:
How to build an insider threat program and identify insider threats Getting C-Level and the board's buy-in
Chopin
6 | P a g e
The pain inflicted by insider incidents
Speakers :
Ana Roldan, AVP, Chief Information Security Officer, Miami Dade College Do you know what your employees are doing at work? The enterprise can no longer rely on a defensible
security perimeter. Rapid digitization has driven the evolution of insider risk—especially in complex
organizations. With the growth of digital exhaust, security teams need to better understand and manage
vast amounts of data in order to protect the business. Recognizing how existing data sources can be
utilized in your security strategy and how insider human behavior and activity can be evidence of
potential security risks are two of the first main steps in the process. Educating employees and other
users in the system on a culture of security follows closely behind.
3:30PM-4:15PM
Breakout Session 2C
Speakers:
Ronald Wieselberg, Sales Director, Issuer Relations, Ethoca Mario Rivero, Director, VISA Jack Sinnott, Payment Systems Fraud Management Executive, Master Card
Biscayne
4:15PM-4:45PM Coffee Break Exhibit Area –
Mezzanine Level
4:45PM- 5:30PM
Breakout Session 3A - Spanish
Current risks in cyber security and what actions to take against new cyber-
attacks
Moderator:
Santiago Rodriguez, Director Seguridad Gestión del Efectivo y Valorados, Vicepresidencia de
Servicios, Banco Pichincha y Presidente, Comité Celaes FELABAN
Speakers:
José Rafael Revert, CTO, Cyttek Group
Eusebio Sánchez Rodríguez, VP, Citibanamex | Enterprise Banking Service
Grand Ballroom
7 | P a g e
4:45PM- 5:30PM
Breakout Session 3B – English
Growing your business through Digital Transformation; Protecting your Organization
with Cybersecurity Solutions.
In our Hyperconnected world, financial institutions and businesses need to embrace opportunities such as the Enterprise of Things to remain competitive. But what is the price of this innovation? This session will discuss how you can successfully optimize workforce, workflow and workplace strategies to remain competitive. Our proven leadership in high-security and financial organizations uniquely positions to assess your threat landscape and apply the capabilities we have developed working in the most demanding environments.
Speakers:
Alex Willis, VP Technical Solutions, Blackberry Fabiano Lima, Director Regional América Latina e Iberia, Checkmarx
Chopin
4:45PM- 5:30PM
Breakout Session 3C - English
Insider Threat to Financial Services
The insider threat poses substantial risks to the financial services industry, and the consequences for
not addressing this challenge can be detrimental to a company’s intellectual property, brand
reputation, and physical security, among other assets. With security resources and programs often
focused on mitigating external attacks, many organizations are either unaware of the threats that
arise internally or are ill-prepared to address them before they inflict harm.
With an emphasis on the unique challenges facing the financial services sector, Flashpoint’s Principal
Advisor Eric Lackey will examine the true nature of the insider threat, malicious insiders’ tactics,
techniques, and procedures (TTPs), and provide risk mitigation strategies. This presentation will
discuss how detection capabilities, threat intelligence, and effective insider threat program
management are vital components of addressing this threat in order to preserve intellectual
property, protect key business assets, uphold brand reputation, and help safeguard the critical
infrastructure on which our society relies.
Speaker:
Eric Lackey, Principal Advisor, Flashpoint - Insider Threat Program Management
Biscayne
5:30PM-5:50PM
General Session – 6
Cybersecurity Center of the Americas: Creating Cybersecurity Experts
Learn how the state-of-the-art Cyber Range training platform, located at the Cybersecurity Center of the Americas at Miami Dade College, can help transform your entire IT organization into an elite cybersecurity unit. See first-hand how the hyper-realistic training platform is revolutionizing cybersecurity training by creating security experts with the critical hands-on skills needed to respond to
Grand Ballroom
8 | P a g e
today's advanced global security challenges and understand how the Cyber Range will provide you the unique opportunity of evaluating your organization's cyber capabilities, incident response readiness and cybersecurity personnel's level of preparedness. Speakers:
Erez Hevroni, CEO and Founder, Cyber Miami and InnoTech, LLC Frank Martinez, Security Analyst, Miami Dade College.
5:50PM-6:50PM
General Session - 7
AI & Big Data best practices in Cybersecurity
Moderator:
Marcos Galigarcia, Founder & CEO, Riskbucket Speakers:
Charlotte Newman, Public Policy, Amazon
Phyllis Schneck, Global Leader of Cyber Solutions, IBM – Promontory
Grand Ballroom
7:00PM – 9:30PM
Cocktail Reception – Pool Area
Join us for a fun night of Casino with Blackjack, Roulette, Poker Games
Pool Area
DAY TWO | Tuesday, Oct 30, 2018
7:00AM –3:00PM Registration
Mezzanine Level
7:30AM – 8:30AM Continental Breakfast Exhibit Area-
Mezzanine Level
9 | P a g e
8:15AM – 9:15AM
General Session 8- Spanish
The efforts that Latin American banking is developing on Cybersecurity and how
to integrate them into a continental network
Moderator:
Giorgio Trettenero, Secretario General, FELABAN
Speakers:
Santiago Castro, Presidente, Asobancaria Colombia Martín Naranjo, Presidente, Asociación de Bancos del Perú Jorge Domingo Samayoa, CEO y Fundador, Plus Technologies Julio José Prado Lucio-Paredes, Presidente de Directorio / Director Ejecutivo de la
Asociacion de Bancos Privados del Ecuador
Grand Balllroom
9:15AM – 10:15AM
General Session 9-Spanish
Study on Cybersecurity in the Banking Sector of Latin America and the Caribbean
Belisario Contreras, Cybersecurity Program Manager – Inter-American Committee against
Terrorism – Secretariat for Multidimensional Security - Organization of American States
Andres Maz, Public Policy – AWS, Amazon
Grand Ballroom
10:15AM –11:00AM
Breakout Session 4A
Innovations in Data Security: Changing the Environment for the Better The application of prospective security around all forms of data using AI, IoT, ML/Deep
Learning, and block chain and how it can and will ultimately change the way we do business, change the environment for the better in terms of data and network security
Speaker:
David Shedd, Senior Adviser, Financial Integrity Network
Leandro Bennaton, Head of Security Assurance for Financial Services LATAM, Amazon Web
Services
Grand Ballroom
10:15AM –11:00AM
Breakout Session 4B
The Most Dangerous Attack Techniques, how can you prepare?
This panel discussion will outline the top trends in security analytics technology and how
leveraging threat intelligence can help organizations on their journey to cyber resilience.
The panel will be led by top security experts across the ecosystem to learn more about:
- What's new on the threat landscape
- How to leverage security analytics to investigate and hunt modern threats
- How cyber threat intelligence helps organizations understand their risk of external
threats
Moderator:
Dan Molina, Co-Author – “Blackhatonomics – An Inside Look at the Economics of
Cybercrime” and Industry recognized keynote spokesperson / evangelist.
Panelists:
Ben Smith, Sr Systems Engineer, Digital Shadows
Chopin
10 | P a g e
Iker Alonso, LATAM Sales Engineer, Anomali Marcos Schejtman, LATAM, Solution Architect, LogRhythm
10:15AM –11:00AM
Breakout Session 4C
Disaster Recovery – Puerto Rico, Chile, Mexico
Moderator:
Alexis Alcantara, Director de Seguridad, Banco Multiple ADEMI S.A. / vicepresidente – Comité Celaes
Speakers:
Osiris de León, Consejero Científico del Poder Ejecutivo en prevención de desastres, Miembro Academia de Ciencias de la RD
Biscayne
11:00AM-11:30AM Coffee Break
Exhibit Area-
Mezzanine Level
11:30AM-12:15PM
Breakout Session 5A
Human Element & Security
Moderator: Guillermo Benites, VP of Financial Services, UDT
Speakers:
Javier Chistik, Territory Account Manager Southern Cone, Forcepoint Juan Roa Salina, CISO, BICE Mike Sanchez, Chief Information Security Officer, UDT Santiago Martinez, Information & Corporate Security Officer, BAC Florida Bank
Grand Ballroom
11:30AM-12:15PM Breakout Session 5B
Implementing the FFIEC Cat in Latin America
Moderator:
Alejandro Mijares, Risk Advisory Services Leader - Banking & Information
Security, Kauffman Rossin
Speakers:
Christian Guerra, Gerente de Desarrollo de Sistemas, Arquitectura y Seguridad Informática, BCI
Rodrigo Rubio, Sub-Gerente de Seguridad Tecnológica y Control, BCI Pablo Contreras, Líder de Seguridad de Riesgo Tecnológico, BCI
Chopin
11 | P a g e
11:30AM-12:15PM
Breakout Session 5C
The GDPR and LatAm Compliance.
The new European General Data Protection Regulation (GDPR) promises to have
broad impact on global data-processing activities, including those in LatAm. This
session will provide a practical and operational perspective on how to approach the
GDPR, along with recent guidance and ways to address challenges.
Moderator: Richard M. Martinez (Jones Day, Minneapolis),
Speakers:
*Mauricio Paez, Technology, Cybersecurity and Data Protection Partner, Jones Day *Sabina Jausovec-Salinas, Senior Director, International Privacy Compliance, Walmart *Invited
Biscayne
12:15PM-1:15PM
General Session 10
Strategic Vision and Trends in Cybersecurity: C-Suite View
Moderator:
Guillermo Arduino, Anchor and Correspondent, CNN
Speakers:
Ana Roldan, AVP, Chief Information Security Officer, Miami Dade College Lisa Lee, Chief Security Advisor – Enterprise Cybersecurity Group, Microsoft Mauricio Angee, Chief Information Security Officer-Director of IT Security, Mount
Sinai Medical Center Sergio Pinon, Senior Vice President, Director of Security, Ocean Bank
Grand Ballroom
1:15PM-2:15PM Lunch & Network Chopin/Biscayne
2:15PM-3:15PM General Session-11
Latin America’s Fintech Legislative Update on Personal Data / Cybersecurity.
This session will address the latest legislative developments in key jurisdictions,
including USA, Mexico, Colombia and Brazil in Fintech data driven/ cybersecurity
developments. Specialists will comment on their jurisdictions, discussing
enforcement, data protection regulations (addressing new technologies and
12 | P a g e
Fintech), data breach notification requirements, and data transfer restrictions and
challenges investors are facing in the region.
Moderator: Guillermo E. Larrea, Latin America Compliance & Cyersecurity, Jones Day
Speakers:
Sergio Alvarez Mena, Partner, Jones Day Peter Goldberg, Senior Vice President, Master Card Liliana Marcos, Directora General de Disposiciones, CNBV IBM Banco Base PayPal
3:15PM-4:15PM General Session – 12
“How the blockchain technology can prevent cybercrime”
Key Takeaways
You will understand what a blockchain is and its basic functionality. A good overview of Bitcoin it's origin and its future. What is the SEC's position on BitCoin. The latest news on Bitcoin ETF's. What is an ICO. How are Financial Institutions working with the Blockchain. How many types of cryptocurrencies are there and what are their use cases.
Moderator:
Robert Villanueva, Executive Vice President, Q6 Cyber & Retired Secret Service
Cyber Intelligence Section Founder
Speakers:
Kevin Rosen, Partner, Shutts & Bowen Pablo Junco, Digital Transformation Portfolio Director, Microsoft Corp Marshall Swat, CEO/Founder, Swat Cryptocurrency Exchange, Former
CTO/Founder, Coinsetter Exchange Rick Arias, Detective Miami Beach PD, Miami Electronic Crimes Task Force, U.S.
Secret Service – Computer Forensics
Grand Ballroom
13 | P a g e
4:15PM-5:00PM
Breakout Session 6A
Cybersecurity in the Latin American banking sector - Opportunities and Challenges Increasingly, the Latin American and Caribbean region is being targeted by cyber-attacks In particular in the banking sector, there have been significant losses. Banks in Mexico have registered impacts of the order of almost 100 million dollars, only counting the attacks carried out via phishing. The attacks are increasingly sophisticated, with greater financial impact, also affecting the reputation of financial institutions. Between 2017 and 2018, IDC carried out, with the sponsorship of FORTINET, a study of how Latin American companies and organizations are developing the technological infrastructure of cybersecurity in response to these attacks. In this presentation, IDC and FORTINET will show the results of this study, with emphasis on the banking sector, and in areas of great importance, such as: investment levels, characterization and frequency of attacks, external communication policies of events, and outsourcing of services associated with cybersecurity
Moderator: Carlo Dávila La Rosa, Senior Analyst, Research & Consulting, IDC Latin América
Speaker: Jose Lopez, Cybersecurity, Analytics & Enterprise Risk Manager Solutions, for
Enterprise Banking & Financial Services, Fortinet
Grand Ballroom
4:15PM-5:00PM
Breakout Session 6B
RSA
Biscayne
4:15PM-5:00PM
Breakout Session 6C Virtual Currency and Block Chain Forensic
Speakers: Samantha Stutman, Director, Chainalysis Daniel Sankey, BSA Compliance Officer, Coinbase
Chopin
5:00PM-5:20PM Coffee Break – Exhibit Area
Exhibit Area –
Mezzanine Level
5:20PM-6:20PM
General Session-13
The Future of Banking: Innovation, Transformation and Cyber Security
Moderator:
Diego Todeschini, Global Business Development, Finconecta
Speakers:
Laura Jiménez, Directora Regional, Darktrace
Grand Ballroom
14 | P a g e
6:20PM - 6:30PM
Closing Remarks – Raffles
David Schwartz, President & CEO, FIBA
Giorgio Trettenero, Secretario General, FELABAN
Santiago Rodriguez, Director Seguridad Gestión del Efectivo y Valorados, Videpresidencia de
Servicios, Banco Pichincha y Presidente, Comité CELAES- FELABAN
Grand Ballroom